1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.servlet.filters.sso.cas;
24  
25  import com.liferay.portal.kernel.log.Log;
26  import com.liferay.portal.kernel.log.LogFactoryUtil;
27  import com.liferay.portal.kernel.util.Validator;
28  import com.liferay.portal.servlet.filters.BasePortalFilter;
29  import com.liferay.portal.util.PortalUtil;
30  import com.liferay.portal.util.PrefsPropsUtil;
31  import com.liferay.portal.util.PropsKeys;
32  import com.liferay.portal.util.PropsValues;
33  import com.liferay.util.servlet.filters.DynamicFilterConfig;
34  
35  import java.util.Map;
36  import java.util.concurrent.ConcurrentHashMap;
37  
38  import javax.servlet.Filter;
39  import javax.servlet.FilterChain;
40  import javax.servlet.ServletContext;
41  import javax.servlet.http.HttpServletRequest;
42  import javax.servlet.http.HttpServletResponse;
43  import javax.servlet.http.HttpSession;
44  
45  /**
46   * <a href="CASFilter.java.html"><b><i>View Source</i></b></a>
47   *
48   * @author Michael Young
49   * @author Brian Wing Shun Chan
50   * @author Raymond Augé
51   */
52  public class CASFilter extends BasePortalFilter {
53  
54      public static void reload(long companyId) {
55          _casFilters.remove(companyId);
56      }
57  
58      protected Filter getCASFilter(long companyId) throws Exception {
59          edu.yale.its.tp.cas.client.filter.CASFilter casFilter =
60              _casFilters.get(companyId);
61  
62          if (casFilter == null) {
63              casFilter = new edu.yale.its.tp.cas.client.filter.CASFilter();
64  
65              DynamicFilterConfig config = new DynamicFilterConfig(
66                  _filterName, _servletContext);
67  
68              String serverName = PrefsPropsUtil.getString(
69                  companyId, PropsKeys.CAS_SERVER_NAME,
70                  PropsValues.CAS_SERVER_NAME);
71              String serviceUrl = PrefsPropsUtil.getString(
72                  companyId, PropsKeys.CAS_SERVICE_URL,
73                  PropsValues.CAS_SERVICE_URL);
74  
75              config.addInitParameter(
76                  edu.yale.its.tp.cas.client.filter.CASFilter.LOGIN_INIT_PARAM,
77                  PrefsPropsUtil.getString(
78                      companyId, PropsKeys.CAS_LOGIN_URL,
79                      PropsValues.CAS_LOGIN_URL));
80  
81              if (Validator.isNotNull(serviceUrl)) {
82                  config.addInitParameter(
83                      edu.yale.its.tp.cas.client.filter.CASFilter.
84                          SERVICE_INIT_PARAM,
85                      serviceUrl);
86              }
87              else {
88                  config.addInitParameter(
89                      edu.yale.its.tp.cas.client.filter.CASFilter.
90                          SERVERNAME_INIT_PARAM,
91                      serverName);
92              }
93  
94              config.addInitParameter(
95                  edu.yale.its.tp.cas.client.filter.CASFilter.VALIDATE_INIT_PARAM,
96                  PrefsPropsUtil.getString(
97                      companyId, PropsKeys.CAS_VALIDATE_URL,
98                      PropsValues.CAS_VALIDATE_URL));
99  
100             casFilter.init(config);
101 
102             _casFilters.put(companyId, casFilter);
103         }
104 
105         return casFilter;
106     }
107 
108     protected Log getLog() {
109         return _log;
110     }
111 
112     protected void processFilter(
113             HttpServletRequest request, HttpServletResponse response,
114             FilterChain filterChain)
115         throws Exception {
116 
117         long companyId = PortalUtil.getCompanyId(request);
118 
119         if (PrefsPropsUtil.getBoolean(
120                 companyId, PropsKeys.CAS_AUTH_ENABLED,
121                 PropsValues.CAS_AUTH_ENABLED)) {
122 
123             String pathInfo = request.getPathInfo();
124 
125             if (pathInfo.indexOf("/portal/logout") != -1) {
126                 HttpSession session = request.getSession();
127 
128                 session.invalidate();
129 
130                 String logoutUrl = PrefsPropsUtil.getString(
131                     companyId, PropsKeys.CAS_LOGOUT_URL,
132                     PropsValues.CAS_LOGOUT_URL);
133 
134                 response.sendRedirect(logoutUrl);
135             }
136             else {
137                 Filter casFilter = getCASFilter(companyId);
138 
139                 casFilter.doFilter(request, response, filterChain);
140             }
141         }
142         else {
143             processFilter(CASFilter.class, request, response, filterChain);
144         }
145     }
146 
147     private static Log _log = LogFactoryUtil.getLog(CASFilter.class);
148 
149     private static Map<Long, edu.yale.its.tp.cas.client.filter.CASFilter>
150         _casFilters = new ConcurrentHashMap
151             <Long, edu.yale.its.tp.cas.client.filter.CASFilter>();
152 
153     private String _filterName;
154     private ServletContext _servletContext;
155 
156 }